menreeq
asked on
RPC over HTTP not working on Exchange server with identical local and public name
I'm trying to configure HTTP over RPC on SBS Premium 2003 Server. I have successfully configured this option before but on this server it simply does not work. I suspect that the problem is caused by the fact that the local & public names of the mail server are identical - the local domain was set up with a .com suffix that maches the external domain & the computer name of the server is MAIL which matches the public URL i.e. mail.domainname.com.
FYI - This is SBS Premium 2003 so exchange and RPC Proxy are on the same server.
Has anyone encountered this before & is there a solution for it?
Many thanks
FYI - This is SBS Premium 2003 so exchange and RPC Proxy are on the same server.
Has anyone encountered this before & is there a solution for it?
Many thanks
ASKER
I just tried RPCPING, it prompts me for the password but returns with the following error:
Error 12007 returned in the WinHttpSendRequest. Ping failed?
Any ideas?
Error 12007 returned in the WinHttpSendRequest. Ping failed?
Any ideas?
ASKER
Just pinged it again, I get a 404 code when I use rpcping.
What happens when you browse the /rpc directory?
Do you get a certificate prompt?
Try closing Outlook.exe - check task manager to ensure that it has gone.
Then click start, run and type
outlook.exe /rpcdiag
Which bit fails?
Simon.
Do you get a certificate prompt?
Try closing Outlook.exe - check task manager to ensure that it has gone.
Then click start, run and type
outlook.exe /rpcdiag
Which bit fails?
Simon.
ASKER
Simon,
rpcdiag shows that it keeps trying to connect. The status shows up as Connecting for several minutes for Directory, referral and mail. After that the status shows up as disconnected for Directory ( the referral and mail just dissapears). There is nothing listed under Req/Fail
When I browse the /rpc directory I do NOT get a certificate prompt. Once I log in I get the following:
HTTP Error 401.3 - Unauthorized: Access is denied due to an ACL set on the requested resource.
Internet Information Services (IIS)
Many thanks
rpcdiag shows that it keeps trying to connect. The status shows up as Connecting for several minutes for Directory, referral and mail. After that the status shows up as disconnected for Directory ( the referral and mail just dissapears). There is nothing listed under Req/Fail
When I browse the /rpc directory I do NOT get a certificate prompt. Once I log in I get the following:
HTTP Error 401.3 - Unauthorized: Access is denied due to an ACL set on the requested resource.
Internet Information Services (IIS)
Many thanks
The error message that you get from the web site is correct. Something about the way it interacts.
From the rpcdiag symptoms, I would have to say that the problem is the registry entries. It doesn't take much to knock them out.
Make sure that it is pointing to a valid global catalog domain controller running Windows 2003 and that the GC/DC has had its registry entry made correctly.
Ensure that the references to the server refer to each name the server could be known as... server.domain.local, mail.domain.com etc
Most problems with RPC over HTTPS are caused by either the certificate or the registry entries.
Simon.
From the rpcdiag symptoms, I would have to say that the problem is the registry entries. It doesn't take much to knock them out.
Make sure that it is pointing to a valid global catalog domain controller running Windows 2003 and that the GC/DC has had its registry entry made correctly.
Ensure that the references to the server refer to each name the server could be known as... server.domain.local, mail.domain.com etc
Most problems with RPC over HTTPS are caused by either the certificate or the registry entries.
Simon.
ASKER
Could you point me to an article that has the registry entries you're talking about?
Thanks
Thanks
I have an article on my web site that lists the entire registry entries that I find works. There are more entries than in the Microsoft information, but I know they work.
http://www.amset.info/exchange/rpc-http-server.asp
Simon.
http://www.amset.info/exchange/rpc-http-server.asp
Simon.
ASKER
Please do not close this question, still working on it...
ASKER
Simon,
I've made all the changes you suggest on your site, I'm still not connecting through RPC over HTTP. Do you have any other ideas?
Thanks
I've made all the changes you suggest on your site, I'm still not connecting through RPC over HTTP. Do you have any other ideas?
Thanks
Are you still trying to get this working INSIDE your firewall?
Tried all the tests above?
Web browser...
RPCDIAG...
etc
Simon.
Tried all the tests above?
Web browser...
RPCDIAG...
etc
Simon.
ASKER
I've tried to get it to connect from inside the firewall and from the ouside... it simply does not want to connect RPC over HTTP. Don't mean to sound like a broken record but are you certain that this problem is not caused by the fact that the internal & external name of of the mail server is identical? i.e. local fqdn is mail.domain.com & public url is mail.domain.com as well.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Therefore the problem is elsewhere and that means standard troubleshooting...
Browse to https://mail.domain.com/rpc - any certificate prompts? If so, that will break RPC over HTTPS.
Have you tested this with RPCPING?
If you use RPCDIAG, which bit fails - Domain lookup or Exchange lookup?
Simon.